
1/ Microsoft Research has announced that Project Petridish, a neural architecture search algorithm that automatically builds deep-learning models, is now open source. Petridish aims to make finding suitable neural architectures faster and more efficient, easing the process both for practitioners in the field and for those without expertise who are interested in machine learning solutions. Petridish, which was also inspired by gradient boosting, produces a gallery of models to choose from as its search output, incorporates stop-forward and stop-gradient layers to identify beneficial candidates for that gallery more efficiently, and uses asynchronous training. Microsoft said it has made all source code for Petridish available (under the MIT license) using TensorFlow 1.12. [Source: Microsoft Research Blog]

2/ Ahead of RSA Conference 2020, self-styled continuous intelligence company Sumo Logic has announced the availability of its new Cloud SIEM Enterprise offering. The company expects organizations to benefit from the new offering, which features comprehensive functionality, from automated security workflows to advanced threat detection and cloud visibility, to address modern security operations challenges. The cloud-native solution modernizes security operations by automating manual work for security analysts, saving them time and enabling them to be more effective by focusing on higher-value security functions. It also provides real-time insights and intelligence that SOC teams can use to identify evidence of compromise and improve their ability to respond quickly by understanding the impact of an attack. [Source: Yahoo! Finance]

3/ Microsoft has announced the general availability of its Threat Protection platform, which was released as a public preview in December last year. Microsoft Threat Protection, or MTP, is said to offer built-in intelligence, automation, and integration by combining and orchestrating into a single solution the capabilities of Microsoft Defender Advanced Threat Protection (ATP) (endpoints), Office 365 ATP (email), Azure ATP (identity), and Microsoft Cloud App Security (apps). MTP correlates alerts and low-level signals into incidents to determine the full scope of the threat across Microsoft 365 services. Incidents provide a complete picture of the threat in real time and in a single, cohesive console. Further, MTP empowers the security team to be proactive, giving them back the time they need to learn from Microsoft's insights, harden defenses, and keep out more threats. It also lets them use their organizational knowledge, such as proprietary indicators of compromise, org-specific behavioral patterns, and free-form research, to actively hunt for threats across domains with custom queries over raw data. [Source: Microsoft Blog]

4/ The next big news is that Microsoft has released the public preview of Microsoft Defender Advanced Threat Protection (ATP) for Linux. With customers' complex environments in view, this enterprise security product offers protection across multiple platforms through a single solution. The software giant plans to bring its Defender antivirus software to Android and iOS later this year to provide antivirus prevention and a “full command line experience.” Though Microsoft has yet to share details on exactly what the apps will do, the company plans to preview them at the RSA Conference that kicks off in San Francisco next week. Azure Sentinel, Microsoft’s cloud-native security information and event manager (SIEM), further extends the capabilities of MTP by incorporating alerts, threat intelligence, and signals from third-party solutions. [Source: Microsoft Blog, The Verge]